Ex-Anonymous spokesmouth Barrett Brown's indictment for links to stolen credit card numbers could be bad news for the rest of us

InfoWorld|Dec 10, 2012

Don't look now, but there's a crime wave surging across the Webbernets. Everywhere around you, people are recklessly sharing dangerous and illegal hyperlinks. Lock up your children, barricade the doors and windows, throttle your broadband connection, and pray that the FBI gets to these scofflaws in time.

Broken down into its essentials, the indictment says Brown had 15 or so credit card numbers and card verification values (CVVs) in his possession, which were taken from Stratfor during the Anonymous hack. It doesn't say he broke into Stratfor's computers and stole them. It doesn't say he attempted to use them to purchase something. It doesn't say he tried to sell them for a profit. It merely says he had possession of them. That, according to federal law, is enough to put him away for 15 years or more.

It's the last count that's got everyone's attention because the court is accusing Brown of violating the law by copying a URL from one IRC chat session and pasting it into another. That Web address was a link to a data dump consisting of 5,000+ credit card numbers for subscribers to Stratfor's newsletters. Per the grand jury indictment:

...by transferring and posting the hyperlink, Brown caused the data to be made available to other persons' online without the knowledge and authorization of Stratfor Global Intelligence and the card holders.

Taking that to its logical extreme, anyone who posts a link to information obtained through less-than-legal means could be subject to prosecution. That touches a great many journalists, including yours truly.

Personally, I try to be careful about what I link to. For example, if I write about some hacker who posts stolen credit card numbers or other personally identifiable information to Pastebin, I make it a point to not include links to that cache, to avoid doing further damage to the victims. I can't swear I've done a perfect job of that, though, and I know other journos who are less scrupulous about that sort of thing.

Most of the time the lines are pretty fuzzy. For example: The Anons posted 5 million illegally obtained Stratfor emails to WikiLeaks last March. It's extremely likely there was personally identifiable information -- possibly even credit card numbers -- in those emails. Am I now suddenly liable for damage caused by the spilling of those emails because there's a hyperlink to them in this post? That's nuts.